015 package com.liferay.portal.security.auth;
016
017 import com.liferay.portal.NoSuchUserException;
018 import com.liferay.portal.kernel.exception.SystemException;
019 import com.liferay.portal.kernel.log.Log;
020 import com.liferay.portal.kernel.log.LogFactoryUtil;
021 import com.liferay.portal.kernel.util.LocaleUtil;
022 import com.liferay.portal.kernel.util.ParamUtil;
023 import com.liferay.portal.kernel.util.PropsKeys;
024 import com.liferay.portal.kernel.util.StringPool;
025 import com.liferay.portal.kernel.util.Validator;
026 import com.liferay.portal.kernel.util.WebKeys;
027 import com.liferay.portal.model.CompanyConstants;
028 import com.liferay.portal.model.User;
029 import com.liferay.portal.security.ldap.PortalLDAPImporterUtil;
030 import com.liferay.portal.service.ServiceContext;
031 import com.liferay.portal.service.UserLocalServiceUtil;
032 import com.liferay.portal.servlet.filters.sso.opensso.OpenSSOUtil;
033 import com.liferay.portal.theme.ThemeDisplay;
034 import com.liferay.portal.util.PortalUtil;
035 import com.liferay.portal.util.PrefsPropsUtil;
036 import com.liferay.portal.util.PropsValues;
037 import com.liferay.util.PwdGenerator;
038
039 import java.util.Calendar;
040 import java.util.Locale;
041 import java.util.Map;
042
043 import javax.servlet.http.HttpServletRequest;
044 import javax.servlet.http.HttpServletResponse;
045
046
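/**
 * Auto-login hook that signs a portal user in on the strength of an existing
 * OpenSSO session.
 *
 * <p>
 * The identity attributes (screen name, email address, first and last name)
 * are read from the OpenSSO service and used to look up, import from LDAP, or
 * create the matching portal user. The attribute names are configurable per
 * company.
 * </p>
 *
 * <p>
 * Security note: the portal account is selected purely from attributes
 * returned by the SSO service. The deployment must ensure those attributes
 * (in particular email address and screen name) are verified by the identity
 * provider and cannot be chosen by the end user; otherwise one SSO identity
 * could be mapped onto another user's portal account.
 * </p>
 */
public class OpenSSOAutoLogin extends BaseAutoLogin {

    /**
     * Creates a portal user for an SSO identity that has no portal account.
     *
     * <p>
     * The account gets a password from {@code PwdGenerator.getPassword()}, is
     * created without group, organization, role or user-group memberships,
     * and no notification email is sent. Fields the SSO service does not
     * supply (middle name, birthday, gender, job title) get fixed placeholder
     * values.
     * </p>
     *
     * @param  companyId the company the user is created in
     * @param  firstName the first name reported by the SSO service
     * @param  lastName the last name reported by the SSO service
     * @param  emailAddress the email address reported by the SSO service
     * @param  screenName the screen name to give the new user
     * @param  locale the locale to store on the new user
     * @return the user returned by {@code UserLocalServiceUtil.addUser}
     * @throws Exception if the user service rejects or fails the creation
     */
    protected User addUser(
            long companyId, String firstName, String lastName,
            String emailAddress, String screenName, Locale locale)
        throws Exception {

        long creatorUserId = 0;
        boolean autoPassword = false;

        // The user authenticates through SSO, so this password is never
        // communicated to them (sendEmail is false below).

        String password1 = PwdGenerator.getPassword();
        String password2 = password1;
        boolean autoScreenName = false;
        long facebookId = 0;
        String openId = StringPool.BLANK;
        String middleName = StringPool.BLANK;
        int prefixId = 0;
        int suffixId = 0;
        boolean male = true;
        int birthdayMonth = Calendar.JANUARY;
        int birthdayDay = 1;
        int birthdayYear = 1970;
        String jobTitle = StringPool.BLANK;
        long[] groupIds = null;
        long[] organizationIds = null;
        long[] roleIds = null;
        long[] userGroupIds = null;
        boolean sendEmail = false;
        ServiceContext serviceContext = new ServiceContext();

        return UserLocalServiceUtil.addUser(
            creatorUserId, companyId, autoPassword, password1, password2,
            autoScreenName, screenName, emailAddress, facebookId, openId,
            locale, firstName, middleName, lastName, prefixId, suffixId, male,
            birthdayMonth, birthdayDay, birthdayYear, jobTitle, groupIds,
            organizationIds, roleIds, userGroupIds, sendEmail, serviceContext);
    }

    /**
     * Resolves the portal user for the current OpenSSO session and returns
     * the credentials for the auto-login.
     *
     * <p>
     * Returns {@code null} when OpenSSO authentication is disabled for the
     * company or the request carries no authenticated OpenSSO session.
     * Otherwise the user is resolved in this order: by email address (only
     * when screen names are always auto-generated), by LDAP import (when
     * enabled), by screen name, and finally by creating a new user.
     * </p>
     *
     * @param  request the current servlet request
     * @param  response the current servlet response
     * @return a three-element array holding the user ID, the value of
     *         {@code user.getPassword()} and the string {@code "true"}; the
     *         result of {@code handleException} when LDAP import is disabled
     *         and no email address was supplied; or {@code null} when this
     *         hook does not apply
     * @throws Exception if a portal service call fails
     */
    @Override
    protected String[] doLogin(
            HttpServletRequest request, HttpServletResponse response)
        throws Exception {

        long companyId = PortalUtil.getCompanyId(request);

        if (!PrefsPropsUtil.getBoolean(
                companyId, PropsKeys.OPEN_SSO_AUTH_ENABLED,
                PropsValues.OPEN_SSO_AUTH_ENABLED)) {

            return null;
        }

        String serviceUrl = PrefsPropsUtil.getString(
            companyId, PropsKeys.OPEN_SSO_SERVICE_URL);

        // Everything below trusts this check: no attribute is read and no
        // account is touched unless the SSO service confirms the session.

        if (!OpenSSOUtil.isAuthenticated(request, serviceUrl)) {
            return null;
        }

        boolean ldapImportEnabled = PrefsPropsUtil.getBoolean(
            companyId, PropsKeys.OPEN_SSO_LDAP_IMPORT_ENABLED,
            PropsValues.OPEN_SSO_LDAP_IMPORT_ENABLED);
        String screenNameAttr = PrefsPropsUtil.getString(
            companyId, PropsKeys.OPEN_SSO_SCREEN_NAME_ATTR,
            PropsValues.OPEN_SSO_SCREEN_NAME_ATTR);
        String emailAddressAttr = PrefsPropsUtil.getString(
            companyId, PropsKeys.OPEN_SSO_EMAIL_ADDRESS_ATTR,
            PropsValues.OPEN_SSO_EMAIL_ADDRESS_ATTR);
        String firstNameAttr = PrefsPropsUtil.getString(
            companyId, PropsKeys.OPEN_SSO_FIRST_NAME_ATTR,
            PropsValues.OPEN_SSO_FIRST_NAME_ATTR);
        String lastNameAttr = PrefsPropsUtil.getString(
            companyId, PropsKeys.OPEN_SSO_LAST_NAME_ATTR,
            PropsValues.OPEN_SSO_LAST_NAME_ATTR);

        Map<String, String> nameValues = OpenSSOUtil.getAttributes(
            request, serviceUrl);

        // Any of these may be null when the SSO service does not return the
        // configured attribute.

        String screenName = nameValues.get(screenNameAttr);
        String emailAddress = nameValues.get(emailAddressAttr);
        String firstName = nameValues.get(firstNameAttr);
        String lastName = nameValues.get(lastNameAttr);

        // Debug only: this writes the user's name, screen name and email
        // address to the log, so debug output for this class should be
        // handled as personal data.

        if (_log.isDebugEnabled()) {
            _log.debug(
                "Validating user information for " + firstName + " " +
                    lastName + " with screen name " + screenName +
                        " and email address " + emailAddress);
        }

        User user = null;

        if (PrefsPropsUtil.getBoolean(
                companyId, PropsKeys.USERS_SCREEN_NAME_ALWAYS_AUTOGENERATE)) {

            // The SSO-supplied screen name is not used in this mode: match
            // the user by email address and derive the screen name instead.

            try {
                user = UserLocalServiceUtil.getUserByEmailAddress(
                    companyId, emailAddress);

                ScreenNameGenerator screenNameGenerator =
                    ScreenNameGeneratorFactory.getInstance();

                screenName = screenNameGenerator.generate(
                    companyId, user.getUserId(), emailAddress);
            }
            catch (NoSuchUserException nsue) {

                // Expected for a first login: fall through to the remaining
                // lookups with the SSO-supplied screen name.

            }
        }

        if (ldapImportEnabled) {
            try {
                String authType = PrefsPropsUtil.getString(
                    companyId, PropsKeys.COMPANY_SECURITY_AUTH_TYPE,
                    PropsValues.COMPANY_SECURITY_AUTH_TYPE);

                if (authType.equals(CompanyConstants.AUTH_TYPE_SN)) {
                    user = PortalLDAPImporterUtil.importLDAPUser(
                        companyId, StringPool.BLANK, screenName);
                }
                else {
                    user = PortalLDAPImporterUtil.importLDAPUser(
                        companyId, emailAddress, StringPool.BLANK);
                }
            }
            catch (SystemException se) {

                // Best effort: a failed import must not abort the login, but
                // it is recorded so that a broken LDAP configuration does not
                // silently turn into locally created accounts.

                if (_log.isWarnEnabled()) {
                    _log.warn("Unable to import user from LDAP", se);
                }
            }
        }
        else {

            // Without LDAP there is no other source for the email address,
            // which is needed to create the user below.

            if (Validator.isNull(emailAddress)) {
                return handleException(
                    request, response, new Exception("Email address is null"));
            }
        }

        if (user == null) {
            try {
                user = UserLocalServiceUtil.getUserByScreenName(
                    companyId, screenName);
            }
            catch (NoSuchUserException nsue) {

                // Expected when the user does not exist yet: a new user is
                // created below.

            }
        }

        if (user == null) {
            ThemeDisplay themeDisplay = (ThemeDisplay)request.getAttribute(
                WebKeys.THEME_DISPLAY);

            Locale locale = LocaleUtil.getDefault();

            // Use the locale of the request's theme display when the request
            // carries one; otherwise keep the default locale.

            if (themeDisplay != null) {
                locale = themeDisplay.getLocale();
            }

            if (_log.isDebugEnabled()) {
                _log.debug("Adding user " + screenName);
            }

            user = addUser(
                companyId, firstName, lastName, emailAddress, screenName,
                locale);
        }

        String currentURL = PortalUtil.getCurrentURL(request);

        if (currentURL.contains("/portal/login")) {

            // NOTE(review): "redirect" is a caller-controlled request
            // parameter and is stored as the post-login target without any
            // validation in this method. Unless the consumer of
            // AUTO_LOGIN_REDIRECT restricts it to trusted hosts, this is an
            // open redirect. Validate it before storing it; newer portal
            // releases provide PortalUtil.escapeRedirect for this purpose
            // (confirm that it exists in this version before relying on it).

            String redirect = ParamUtil.getString(request, "redirect");

            if (Validator.isNull(redirect)) {
                redirect = PortalUtil.getPathMain();
            }

            request.setAttribute(AutoLogin.AUTO_LOGIN_REDIRECT, redirect);
        }

        // User ID, the password value stored on the user, and a "true" flag.
        // NOTE(review): the flag presumably tells the caller the password is
        // already in its stored (encrypted) form - confirm against the
        // AutoLogin contract.

        String[] credentials = new String[3];

        credentials[0] = String.valueOf(user.getUserId());
        credentials[1] = user.getPassword();
        credentials[2] = Boolean.TRUE.toString();

        return credentials;
    }

    private static final Log _log = LogFactoryUtil.getLog(
        OpenSSOAutoLogin.class);

}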